Merge pull request #105 from Venafi/contacts-support

Added ability to set Users as contact/owners of the policy when created/updated

Author: rvelaVenafi

src/main/java/com/venafi/vcert/sdk/connectors/Connector.java

@@ -7,22 +7,17 @@
 import com.venafi.vcert.sdk.certificate.PEMCollection;
 import com.venafi.vcert.sdk.certificate.RenewalRequest;
 import com.venafi.vcert.sdk.certificate.RevocationRequest;
-import com.venafi.vcert.sdk.certificate.SshCaTemplateRequest;
-import com.venafi.vcert.sdk.certificate.SshCertRetrieveDetails;
-import com.venafi.vcert.sdk.certificate.SshCertificateRequest;
-import com.venafi.vcert.sdk.certificate.SshConfig;
 import com.venafi.vcert.sdk.connectors.ConnectorException.MissingCredentialsException;
 import com.venafi.vcert.sdk.endpoint.Authentication;
 import com.venafi.vcert.sdk.endpoint.ConnectorType;
-import com.venafi.vcert.sdk.policy.domain.PolicySpecification;
 
 
 /**
  * 
  * This represents the connector to TPP or Cloud 
  *
  */
-public interface Connector {
+public interface Connector extends ISSHConnector, IPMConnector{
 
 	Authentication getCredentials();
 
@@ -66,7 +61,7 @@ public interface Connector {
 	void ping() throws VCertException;
 
 	/**
-	 * This is the default implementation which provides an mechanism to authenticate the credentials
+	 * This is the default implementation which provides a mechanism to authenticate the credentials
 	 *  provided in the {@link Authentication} object.
 	 * Behind the scene, it's validating if the credentials were provided calling the 
 	 * {@link #isEmptyCredentials(Authentication)} method and if that returns true, then a {@link MissingCredentialsException} 
@@ -177,62 +172,4 @@ String requestCertificate(CertificateRequest request, String zone)
 	 * @throws VCertException
 	 */
 	ImportResponse importCertificate(ImportRequest request) throws VCertException;
-
-	/**
-	 * Reads the policy configuration for a specific zone in Venafi
-	 * 
-	 * @param zone
-	 * @return
-	 * @throws VCertException
-	 */
-	Policy readPolicyConfiguration(String zone) throws VCertException;
-
-	/**
-	 * Create/update a policy based on the policySpecification passed as argument.
-	 * 
-	 * @param policyName
-	 * @param policySpecification
-	 * @throws VCertException
-	 */
-	void setPolicy(String policyName, PolicySpecification policySpecification) throws VCertException;
-
-	/**
-	 * Returns the policySpecification from the policy which matches with the policyName argument.
-	 * 
-	 * @param policyName
-	 * @return
-	 * @throws VCertException
-	 */
-	PolicySpecification getPolicy(String policyName) throws VCertException;
-
-	/**
-	 * Request a new SSH Certificate.
-	 * @param sshCertificateRequest The {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest} instance needed to do the request. 
-	 * For more information about of which properties should be filled, please review the documentation of 
-	 * {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest}.
-	 * @return The DN of the created SSH certificate object. It can be used as pickup ID to retrieve the created SSH Certificate. 
-	 * For more details review the {@link #retrieveSshCertificate(SshCertificateRequest) retrieveSshCertificate(SshCertificateRequest)} method.
-	 * @throws VCertException 
-	 */
-	String requestSshCertificate(SshCertificateRequest sshCertificateRequest) throws VCertException;
-
-	/**
-	 * Retrieve a requested SSH Certificate
-	 * @param sshCertificateRequest The {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest} instance needed to do the request. 
-	 * <br>It's mandatory to set the PickUpID which is the value of the DN returned when the SSH Certificate was requested.
-	 * For more information about of which properties should be filled, please review the documentation of 
-	 * {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest}.
-	 * @return A {@link com.venafi.vcert.sdk.certificate.SshCertRetrieveDetails SshCertRetrieveDetails} containing the Certificate Data of the created Certificate.
-	 * @throws VCertException
-	 */
-	SshCertRetrieveDetails retrieveSshCertificate(SshCertificateRequest sshCertificateRequest) throws VCertException;
-
-	/**
-	 * Retrieve the {@link com.venafi.vcert.sdk.certificate.SshConfig SshConfig} of the CA specified in the 
-	 * {@link com.venafi.vcert.sdk.certificate.SshCaTemplateRequest SshCaTemplateRequest}.
-	 * @param sshCaTemplateRequest
-	 * @return A {@link com.venafi.vcert.sdk.certificate.SshConfig SshConfig}.
-	 * @throws VCertException
-	 */
-	SshConfig retrieveSshConfig(SshCaTemplateRequest sshCaTemplateRequest) throws VCertException;
 }

src/main/java/com/venafi/vcert/sdk/connectors/ConnectorException.java

@@ -11,6 +11,7 @@
 
 import com.venafi.vcert.sdk.VCertException;
 import com.venafi.vcert.sdk.certificate.CsrOriginOption;
+import com.venafi.vcert.sdk.connectors.tpp.endpoint.IdentityEntry;
 
 /**
  * @author Marcos E. Albornoz Abud
@@ -307,8 +308,7 @@ public CertificateRejectedException(String pickupId, String status) {
 			this.status = status;
 		}
 	}
-	
-	
+
 	public static class CertificateDNOrThumbprintWasNotProvidedException extends ConnectorException {
 
 		private static final long serialVersionUID = 1L;
@@ -492,4 +492,55 @@ public KeyStoreZipCompressionRatioExceeded(String certificateId, String fileName
 		}
 	}
 
+	public static class VaaSApplicationNotFoundException extends ConnectorException {
+
+		private static final long serialVersionUID = 1L;
+		private static final String message  = "Application with name %s could not be found on VaaS account";
+
+		public VaaSApplicationNotFoundException(String appName) {
+			super(format(message, appName));
+		}
+
+	}
+
+	public static class MissingTppIdentityException extends ConnectorException {
+
+		private static final long serialVersionUID = 1L;
+		private static final String message = "TPP Identity cannot be null";
+
+		public MissingTppIdentityException() {
+			super(message);
+		}
+	}
+
+	public static class IdentityExtraneousInformationException extends ConnectorException {
+
+		private static final long serialVersionUID = 1L;
+		private static final String message = "Extraneous information returned in the identity response. Expected: 1, " +
+				"found: %s.\t\n%s";
+
+		public IdentityExtraneousInformationException(IdentityEntry[] identityList) {
+			super(format(message, identityList.length, get_bad_data(identityList)));
+		}
+
+		private static String get_bad_data(IdentityEntry[] identityList) {
+			StringBuilder bad_data = new StringBuilder();
+			for (IdentityEntry entry : identityList) {
+				bad_data.append(entry.toString()).append("\n");
+			}
+
+			return bad_data.toString();
+		}
+	}
+
+	public static class TppContactException extends ConnectorException {
+
+		private static final long serialVersionUID = 1L;
+		private static final String message = "Error while retrieving contact attribute from policy %s:\nError: %s";
+
+		public TppContactException(String policy, String error) {
+			super(format(message, policy, error));
+		}
+	}
+
 }

src/main/java/com/venafi/vcert/sdk/connectors/IPMConnector.java

@@ -0,0 +1,34 @@
+package com.venafi.vcert.sdk.connectors;
+
+import com.venafi.vcert.sdk.VCertException;
+import com.venafi.vcert.sdk.policy.domain.PolicySpecification;
+
+public interface IPMConnector {
+
+    /**
+     * Reads the policy configuration for a specific zone in Venafi
+     *
+     * @param zone
+     * @return
+     * @throws VCertException
+     */
+    Policy readPolicyConfiguration(String zone) throws VCertException;
+
+    /**
+     * Create/update a policy based on the policySpecification passed as argument.
+     *
+     * @param policyName
+     * @param policySpecification
+     * @throws VCertException
+     */
+    void setPolicy(String policyName, PolicySpecification policySpecification) throws VCertException;
+
+    /**
+     * Returns the policySpecification from the policy which matches with the policyName argument.
+     *
+     * @param policyName
+     * @return
+     * @throws VCertException
+     */
+    PolicySpecification getPolicy(String policyName) throws VCertException;
+}

src/main/java/com/venafi/vcert/sdk/connectors/ISSHConnector.java

@@ -0,0 +1,41 @@
+package com.venafi.vcert.sdk.connectors;
+
+import com.venafi.vcert.sdk.VCertException;
+import com.venafi.vcert.sdk.certificate.SshCaTemplateRequest;
+import com.venafi.vcert.sdk.certificate.SshCertRetrieveDetails;
+import com.venafi.vcert.sdk.certificate.SshCertificateRequest;
+import com.venafi.vcert.sdk.certificate.SshConfig;
+
+public interface ISSHConnector {
+
+    /**
+     * Request a new SSH Certificate.
+     * @param sshCertificateRequest The {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest} instance needed to do the request.
+     * For more information about of which properties should be filled, please review the documentation of
+     * {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest}.
+     * @return The DN of the created SSH certificate object. It can be used as pickup ID to retrieve the created SSH Certificate.
+     * For more details review the {@link #retrieveSshCertificate(SshCertificateRequest) retrieveSshCertificate(SshCertificateRequest)} method.
+     * @throws VCertException
+     */
+    String requestSshCertificate(SshCertificateRequest sshCertificateRequest) throws VCertException;
+
+    /**
+     * Retrieve a requested SSH Certificate
+     * @param sshCertificateRequest The {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest} instance needed to do the request.
+     * <br>It's mandatory to set the PickUpID which is the value of the DN returned when the SSH Certificate was requested.
+     * For more information about of which properties should be filled, please review the documentation of
+     * {@link com.venafi.vcert.sdk.certificate.SshCertificateRequest SshCertificateRequest}.
+     * @return A {@link com.venafi.vcert.sdk.certificate.SshCertRetrieveDetails SshCertRetrieveDetails} containing the Certificate Data of the created Certificate.
+     * @throws VCertException
+     */
+    SshCertRetrieveDetails retrieveSshCertificate(SshCertificateRequest sshCertificateRequest) throws VCertException;
+
+    /**
+     * Retrieve the {@link com.venafi.vcert.sdk.certificate.SshConfig SshConfig} of the CA specified in the
+     * {@link com.venafi.vcert.sdk.certificate.SshCaTemplateRequest SshCaTemplateRequest}.
+     * @param sshCaTemplateRequest
+     * @return A {@link com.venafi.vcert.sdk.certificate.SshConfig SshConfig}.
+     * @throws VCertException
+     */
+    SshConfig retrieveSshConfig(SshCaTemplateRequest sshCaTemplateRequest) throws VCertException;
+}

src/main/java/com/venafi/vcert/sdk/connectors/cloud/Cloud.java

@@ -9,11 +9,7 @@
 
 import com.venafi.vcert.sdk.Config;
 import com.venafi.vcert.sdk.certificate.CertificateStatus;
-import com.venafi.vcert.sdk.connectors.cloud.domain.Application;
-import com.venafi.vcert.sdk.connectors.cloud.domain.CertificateDetails;
-import com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate;
-import com.venafi.vcert.sdk.connectors.cloud.domain.EdgeEncryptionKey;
-import com.venafi.vcert.sdk.connectors.cloud.domain.UserDetails;
+import com.venafi.vcert.sdk.connectors.cloud.domain.*;
 import com.venafi.vcert.sdk.connectors.cloud.endpoint.*;
 import com.venafi.vcert.sdk.utils.FeignUtils;
 
@@ -110,6 +106,18 @@ Response retrieveCertificate(@Param("id") String id, @Param("apiKey") String api
   @RequestLine("POST /outagedetection/v1/certificates/{id}/keystore")
   Response retrieveKeystore(@Param("id") String id, KeystoreRequest keystoreRequest, @Param("apiKey") String apiKey);
 
+  @Headers({"tppl-api-key: {apiKey}", "Content-Type: application/json"})
+  @RequestLine("GET /v1/users/username/{username}")
+  UserResponse retrieveUser(@Param("username") String username, @Param("apiKey") String apiKey);
+
+  @Headers({"tppl-api-key: {apiKey}", "Content-Type: application/json"})
+  @RequestLine("GET /v1/users/{id}")
+  User retrieveUserById(@Param("id") String id, @Param("apiKey") String apiKey);
+
+  @Headers({"tppl-api-key: {apiKey}", "Content-Type: application/json"})
+  @RequestLine("GET /v1/teams")
+  Teams retrieveTeams(@Param("apiKey") String apiKey);
+
   static Cloud connect() {
 	  return connect((Config)null);
   }

src/main/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnector.java

@@ -58,10 +58,10 @@
 import lombok.Getter;
 
 public class CloudConnector implements Connector {
-	
-	private static String APPLICATION_SERVER_TYPE_ID = "784938d1-ef0d-11eb-9461-7bb533ba575b";
 
-  private Cloud cloud;
+	private static final String APPLICATION_SERVER_TYPE_ID = "784938d1-ef0d-11eb-9461-7bb533ba575b";
+
+  private final Cloud cloud;
 
   @Getter
   private UserDetails user;
@@ -124,12 +124,8 @@ public boolean isEmptyCredentials(Authentication credentials) {
       if(credentials == null){
           return true;
       }
-      
-      if( isBlank(credentials.apiKey())) {
-      	return true;
-      }
 
-      return false;
+	  return isBlank(credentials.apiKey());
   }
 
   /**
@@ -155,9 +151,9 @@ public void authorize(Authentication credentials) throws VCertException {
   @Override
   public ZoneConfiguration readZoneConfiguration(String zone) throws VCertException {
 
-	  String valies[] = StringUtils.split(zone, "\\");
-	  String appName = valies[0];
-	  String citAlias = valies[1];
+	  String[] values = StringUtils.split(zone, "\\");
+	  String appName = values[0];
+	  String citAlias = values[1];
 
 	  CertificateIssuingTemplate cit = null;
 
@@ -584,7 +580,8 @@ public Policy readPolicyConfiguration(String zone) throws VCertException {
   public void setPolicy(String policyName, PolicySpecification policySpecification) throws VCertException {
     try {
       CloudPolicy cloudPolicy = CloudPolicySpecificationConverter.INSTANCE.convertFromPolicySpecification(policySpecification);
-      CloudConnectorUtils.setCit(policyName, cloudPolicy.certificateIssuingTemplate(), cloudPolicy.caInfo(), credentials.apiKey(), cloud);
+      CloudConnectorUtils.setCit(policyName, cloudPolicy.certificateIssuingTemplate(), cloudPolicy.caInfo(),
+			  cloudPolicy.owners(), credentials.apiKey(), cloud);
     } catch ( Exception e ) {
       throw new VCertException(e);
     }
@@ -641,7 +638,7 @@ private String[] parseZoneIdentifiers(String zone) throws VCertException {
       return new String[] {zone, null, null};
     } catch (IllegalArgumentException iae) {
       // The zone argument is not UUID, so we expect to be ProjectName\ZoneName
-      String zoneParsed[] = zone.split(Pattern.quote("\\"));
+      String[] zoneParsed = zone.split(Pattern.quote("\\"));
 
       if (zoneParsed.length != 2) {
         throw new VCertException(format(
@@ -662,8 +659,6 @@ private String[] parseZoneIdentifiers(String zone) throws VCertException {
 
 @Data
   public static class CertificateRequestsPayload {
-    // private String companyId;
-    // private String downloadFormat;
     @SerializedName("certificateSigningRequest")
     private String csr;
     private String zoneId;